Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/81b84b72-b720-494f-b1f4-ec011eb6a41b.roa
File:                     81b84b72-b720-494f-b1f4-ec011eb6a41b.roa (raw, json)
Hash identifier:          gTPG2FuA44h8d8gvG7J+rworsHUT+nPLOVyVsaCEPb8=
Subject key identifier:   BF:DA:96:35:01:96:98:02:57:2C:04:C0:45:15:36:73:70:55:C4:22
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       301684AB1C20E11357B084012A8CC89B539CCC00
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/81b84b72-b720-494f-b1f4-ec011eb6a41b.roa
Signing time:             Sun 19 Oct 2025 05:00:13 +0000
ROA not before:           Sun 19 Oct 2025 05:00:13 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        2606:7b40::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:16:84:ab:1c:20:e1:13:57:b0:84:01:2a:8c:c8:9b:53:9c:cc:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 19 05:00:13 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=1cb5fc4c5480568d3ce6da3fcd341cdc69d302a407bb6f305baf309636b0d532, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:85:71:7b:76:98:44:e0:bf:99:a2:86:e5:1d:
                    c7:b3:a0:e0:3c:25:1a:e2:02:bd:1e:7a:bf:6a:1c:
                    ef:1a:94:a4:c0:7d:df:f1:f9:cd:9f:f5:21:ff:30:
                    9e:b3:f1:bf:5d:2f:a0:11:cd:6e:67:a5:e5:e3:db:
                    c7:08:da:40:78:f9:27:e8:8b:67:23:bb:19:ba:3c:
                    77:48:2f:f1:da:a9:fe:07:83:b7:67:e6:6a:fd:5e:
                    2c:9a:40:51:65:63:11:06:cc:9e:85:72:45:0e:44:
                    8e:ec:c9:af:ae:b8:d6:8f:bf:eb:5b:5e:53:e3:d0:
                    4b:b8:ea:5a:8a:e1:e9:39:c6:c5:7b:a8:c3:b3:00:
                    e8:a3:85:63:d2:8a:a6:8c:b2:c3:d0:ab:74:e2:ac:
                    d3:7c:fa:cc:5e:c3:bf:2d:02:ab:7f:48:77:f3:18:
                    d2:3b:f4:a8:2d:7b:aa:38:bb:2d:b6:c3:ca:f4:95:
                    8a:c2:36:38:5b:11:4b:8a:bb:11:1a:aa:19:42:b2:
                    df:1f:4a:32:04:7c:9e:fc:35:e1:c3:0e:a8:02:43:
                    ec:0c:f5:fb:96:24:a2:cf:17:d8:87:1e:40:13:43:
                    cb:c6:a4:2e:a7:d9:7d:8e:cd:c1:5d:61:f8:c2:2f:
                    f0:17:18:f2:72:b2:a3:09:f8:e8:b2:9e:71:a5:ef:
                    62:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:DA:96:35:01:96:98:02:57:2C:04:C0:45:15:36:73:70:55:C4:22
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/81b84b72-b720-494f-b1f4-ec011eb6a41b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:7b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:55:53:37:da:30:95:d5:6f:19:c2:72:ec:11:da:33:98:54:
         b5:7f:18:4a:59:8d:77:8b:59:bd:f8:ab:11:aa:94:de:56:36:
         55:1d:2e:b2:3f:d9:ab:6f:00:ea:eb:69:e7:c8:41:05:6a:29:
         c0:20:53:2b:7b:c2:7d:85:db:b5:76:f5:59:a7:ca:a9:04:3f:
         e7:17:b5:49:f5:8c:16:89:55:a7:26:7b:9b:20:a6:d6:ef:ce:
         14:e4:58:fb:0f:2f:9c:ba:ff:75:c2:fd:c3:bb:11:2f:f8:25:
         05:0e:21:c9:c7:05:03:dd:8a:48:e7:24:0b:57:30:6f:f9:ed:
         1e:8d:e8:c9:b2:b7:8f:47:e2:80:ca:56:19:a6:d5:99:38:08:
         3d:cf:6d:06:8e:1f:ad:88:6b:8b:1c:47:56:0e:c5:7f:79:cf:
         59:50:a1:dc:85:55:33:96:1a:a9:01:d2:f9:5d:2d:54:45:d2:
         a9:61:ab:02:1b:55:5a:c8:0f:45:f4:59:8f:1e:3d:62:e4:b6:
         c2:17:d1:10:24:db:7d:6d:e1:70:75:99:72:d7:e2:ad:e3:5a:
         18:26:f8:85:bb:64:26:9a:84:1c:3e:ee:28:83:23:37:f5:9d:
         de:83:da:a1:e4:70:72:0e:ef:2a:38:ba:22:b1:32:30:01:89:
         70:69:05:be
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUMBaEqxwg4RNXsIQBKozIm1OczAAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDE5MDUwMDEzWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2I1ZmM0YzU0ODA1NjhkM2NlNmRhM2ZjZDM0MWNkYzY5
ZDMwMmE0MDdiYjZmMzA1YmFmMzA5NjM2YjBkNTMyMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNhXF7dphE4L+ZooblHcezoOA8JRriAr0eer9qHO8alKTA
fd/x+c2f9SH/MJ6z8b9dL6ARzW5npeXj28cI2kB4+Sfoi2cjuxm6PHdIL/Haqf4H
g7dn5mr9XiyaQFFlYxEGzJ6FckUORI7sya+uuNaPv+tbXlPj0Eu46lqK4ek5xsV7
qMOzAOijhWPSiqaMssPQq3TirNN8+sxew78tAqt/SHfzGNI79Kgte6o4uy22w8r0
lYrCNjhbEUuKuxEaqhlCst8fSjIEfJ78NeHDDqgCQ+wM9fuWJKLPF9iHHkATQ8vG
pC6n2X2OzcFdYfjCL/AXGPJysqMJ+OiynnGl72JBAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUv9qWNQGWmAJXLATARRU2c3BVxCIwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzgxYjg0YjcyLWI3MjAtNDk0Zi1iMWY0LWVjMDExZWI2YTQxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBntAMA0GCSqGSIb3DQEBCwUAA4IBAQA2VVM32jCV1W8ZwnLsEdozmFS1
fxhKWY13i1m9+KsRqpTeVjZVHS6yP9mrbwDq62nnyEEFainAIFMre8J9hdu1dvVZ
p8qpBD/nF7VJ9YwWiVWnJnubIKbW784U5Fj7Dy+cuv91wv3DuxEv+CUFDiHJxwUD
3YpI5yQLVzBv+e0ejejJsrePR+KAylYZptWZOAg9z20Gjh+tiGuLHEdWDsV/ec9Z
UKHchVUzlhqpAdL5XS1URdKpYasCG1VayA9F9FmPHj1i5LbCF9EQJNt9beFwdZly
1+Kt41oYJviFu2QmmoQcPu4ogyM39Z3eg9qh5HByDu8qOLoisTIwAYlwaQW+
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:44:01 2025 by rpki-client